
Microsoft 365 with KDDI

Security

Devices are infected when a user opens a malicious attachment or clicks a phishing link in a phishing email (1) or browses a phishing site; attachments and URLs therefore need to be checked. User accounts are hijacked through the infected device, which connects to the attacker's server and persists (2), through brute force against compromised credentials, and so on; identity protection and threat checking are required to prevent this. Once a user account is hijacked, privileged accounts are taken over by lateral movement (4), which gives access to confidential information and allows data to be exfiltrated or tampered with (5). Unauthorized use and data leakage must be prevented. Detecting and investigating suspicious behaviour and protecting AD domains (6) are important for strengthening security.
  1. Microsoft Defender for Office 365
     • Device infection by opening malicious attachments
     • Account takeover by browsing the site opened from a phishing link and entering an ID and password
     • Device infection via spoofed (identity-theft) emails
  2. Microsoft Defender for Endpoint (EDR)
     • Persistent infection through advanced memory-based or kernel-level attacks that bypass antivirus software
  3. Microsoft Entra ID
     • Detection of suspicious sign-ins and compromised account credentials
  4. Microsoft Defender for Identity (Note 4)
     • Lateral account takeover using pass-the-hash / pass-the-ticket
     • Intrusion into the company by taking over the domain (e.g. Golden Ticket)
  5. Microsoft Defender for Cloud Apps (CASB)
     • Information leakage through mass download of confidential information
     • Disclosure and spread of information through unauthorized use of SaaS apps
  6. Microsoft 365 Defender (XDR)

Data Protection and Device Management

Cloud authentication infrastructure that bundles Office 365 and Intune
- Microsoft Entra ID -

Microsoft Entra ID is a cloud-based authentication platform that bundles authentication for Office 365, Intune and SaaS apps.

■ Authentication infrastructure provided as a cloud service
Since it is provided as a cloud service, authentication can be performed from anywhere, regardless of location. Business apps can be accessed with a secure environment both internally and externally.


■ Link with various SaaS apps on the internet
The same method can be used to authenticate various applications other than those provided by Office 365. This eliminates the need to manage an ID/password for each application, reducing the risk of ID/password loss.


■ Achieve secure Single Sign-On (SSO)
Multi-factor authentication and conditional access can be configured for each user (Note 1). Access control can be set according to usage scenarios, such as when using the system from outside the company, or when setting stronger authentication for outsourced employees.

  • Note 1) Microsoft Intune license is required for device-based access control.

Provides mobile device management and mobile app management capabilities
- Microsoft Intune -

Windows 10/11 devices join Microsoft Entra ID and are automatically registered with Microsoft Intune; Android/iOS devices are assigned mobile apps and have device profiles applied after registration with Microsoft Intune.

■ Centralized management of multiple devices
Devices can be centrally managed using the same policy regardless of OS type or device location.


■ Measures against mobile device theft/loss
Policies can be used to apply appropriate security settings to mobile devices. In addition, remote locking and wiping (data erasure) can deter theft of the data stored on the device.


■ Deployment and protection of business applications
Bulk application deployment (Note 2) to registered devices and protection of application data can deter data from being moved into non-business applications.

  • Note 2) Microsoft Intune license is required for device-based access control.

Classify and encrypt files on cloud storage or within the device to protect data
- Azure Information Protection -

Protect data by classifying and encrypting files on cloud storage and on devices, controlling permissions when sharing, tracking unauthorized access, and disabling permissions

■ File classification and encryption
File contents can be classified based on policies defined by the administrator, and encryption can be applied automatically (Note 3).


■ Control of permissions
Set the access permissions for each file category. File sharing can be performed within the scope of intended permissions, including for users outside the company (Note 4).


■ Tracking and handling unauthorized access
Tracks file access and revokes access privileges in the event of unauthorized access, thereby protecting internal data from unauthorized removal or loss/theft.

  • Note 3) For the automatic labeling function, a license for Azure Information Protection Premium P2 is required.
  • Note 4) Azure Information Protection Viewer is required for external users to open encrypted files.

Other security features

Advanced features to prevent cyber attacks

Does not hand over credentials even if the device is breached
- Windows Defender Credential Guard -

Targeted attacks have become a major concern in recent years, yet countermeasures tend to focus only on the entry point, such as targeted emails and zero-day attacks.
Analysis of attack methods, however, shows that protecting credentials and account information beyond the entry point is the key to defence. Credential Guard protects credentials from attackers, prevents pass-the-hash attacks, and prevents the theft of company-wide administrator privileges and data.


■ Authentication information is stored in a secure area
Important credentials are stored in an isolated, secure environment separate from the Windows(R) OS in which they are used, so that malware that has compromised the Windows(R) OS cannot access them. This isolation prevents damage from spreading even if a device is breached and local administrator privileges are stolen (Note 5).

  • Note 5) It can be set and managed with group policy, command prompt, PowerShell, etc.

Runs only trusted applications to protect devices
- Windows Defender Device Guard -

Targeted email attacks are evolving. Attackers use various disguises so that email recipients do not become suspicious or uneasy, so simply educating users not to open suspicious emails is not sufficient.
In addition, conventional anti-virus software cannot prevent new types of viruses, variants of known viruses, zero-day attacks and the like. Device Guard prevents such malware infections.


■ Allow Only Trusted Applications to Run
Blocks the execution of malware delivered by targeted email attacks and of applications not authorized by the administrator. Unlike conventional blacklisting (pre-registering known malware), it can also respond to unknown zero-day attacks.


■ Protects the device's boot process at startup
Because the device starts from a secure boot, malware that infects the master boot record can also be avoided when the device is started.
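As an added example (not KDDI's or Microsoft's code) for the Credential Guard and Device Guard sections above, the following PowerShell reads the Win32_DeviceGuard WMI class and the LsaCfgFlags registry value to report whether virtualization-based security, Credential Guard and memory integrity (HVCI) are actually running on a device, which is the check an administrator would run after rolling the settings out via group policy (Note 5). The value meanings in the comments are taken from the Win32_DeviceGuard class documentation; the function and output field names are this example's own.

```powershell
# Added example: report the running state of VBS, Credential Guard and HVCI
# on a Windows 10/11 device. Run in an elevated PowerShell session.
function Get-VbsProtectionStatus {
    # Win32_DeviceGuard is the class Windows exposes for Device Guard / VBS state.
    $dg = Get-CimInstance -ClassName Win32_DeviceGuard `
                          -Namespace 'root\Microsoft\Windows\DeviceGuard'

    # SecurityServicesConfigured / SecurityServicesRunning are arrays of codes:
    #   1 = Credential Guard, 2 = HVCI (memory integrity)
    $configured = @($dg.SecurityServicesConfigured)
    $running    = @($dg.SecurityServicesRunning)

    # LsaCfgFlags (group-policy backed): 1 = Credential Guard enabled with UEFI lock,
    # 2 = enabled without UEFI lock, 0/absent = disabled
    $lsaFlags = (Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' `
                 -Name 'LsaCfgFlags' -ErrorAction SilentlyContinue).LsaCfgFlags

    [pscustomobject]@{
        # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running
        VbsRunning                = ($dg.VirtualizationBasedSecurityStatus -eq 2)
        CredentialGuardConfigured = ($configured -contains 1)
        CredentialGuardRunning    = ($running -contains 1)
        CredentialGuardUefiLocked = ($lsaFlags -eq 1)
        HvciRunning               = ($running -contains 2)
    }
}

$status = Get-VbsProtectionStatus
$status | Format-List

# Configured but not running usually means a prerequisite (UEFI, Secure Boot,
# virtualization extensions, TPM) is missing on the device; flag it for follow-up.
if ($status.CredentialGuardConfigured -and -not $status.CredentialGuardRunning) {
    Write-Warning 'Credential Guard is configured but not running: check VBS prerequisites.'
}
if (-not $status.CredentialGuardRunning) {
    Write-Warning 'Credential Guard is not protecting this device.'
}
if (-not $status.HvciRunning) {
    Write-Warning 'Memory integrity (HVCI) is not running.'
}
```

The same fields can be collected fleet-wide through an Intune or Defender for Endpoint inventory, which is how a configured-but-not-running device would normally be spotted.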

High Performance
- Microsoft Defender For Endpoint -

Inquiries about the Service

KDDI Corporate Sales Representative will consult with you and provide you with an estimate for the introduction.
If you have any questions, please feel free to contact us.